export function getKeyPair(key, salt, callback) { const keyHash = new BLAKE2s(32) keyHash.update(nacl.util.decodeUTF8(key)) getScryptKey(keyHash.digest(), nacl.util.decodeUTF8(salt), keyBytes => callback(nacl.box.keyPair.fromSecretKey(keyBytes))) }
export function miniLockId(publicKey) { const id = new Uint8Array(33) id.set(publicKey) const hash = new BLAKE2s(1) hash.update(publicKey) // The last byte is the checksum. id[32] = hash.digest()[0] return Base58.encode(id) }
export function validateId(id) { if (!/^[1-9ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz]{40,55}$/ .test(id)) { return false } const bytes = Base58.decode(id) if (bytes.length !== 33) { return false } const hash = new BLAKE2s(1) hash.update(bytes.slice(0, 32)) return hash.digest()[0] === bytes[32] }
module.exports = function session (email, password, callback) { 'use strict' // A 32 Byte BLAKE2s hash of the password bytes var keyHash = new BLAKE2s() keyHash.update(decodeUTF8(password)) var scryptKey = keyHash.digest() getScryptKey(scryptKey, email, 17, 8, 64, 1000, function (scryptByteArray) { try { var keys, seedBytesUint8Array, boxKeyPairSeed, signKeyPairSeed, signKeyPair // Convert scrypt Array of Bytes to Uint8Array seedBytesUint8Array = new Uint8Array(scryptByteArray) // First 32 Bytes of scrypt seed for encryption keys // Note : first 32 Bytes are the same for dkLen 32 (old way) and 64! boxKeyPairSeed = seedBytesUint8Array.subarray(0, 32) keys = nacl.box.keyPair.fromSecretKey(boxKeyPairSeed) keys.publicKeyBase64 = base64.fromByteArray(keys.publicKey) keys.secretKeyBase64 = base64.fromByteArray(keys.secretKey) // Last 32 Bytes of scrypt seed for signing keys signKeyPairSeed = seedBytesUint8Array.subarray(32, 64) signKeyPair = nacl.sign.keyPair.fromSeed(signKeyPairSeed) keys.publicSignKey = signKeyPair.publicKey keys.publicSignKeyBase64 = base64.fromByteArray(signKeyPair.publicKey) keys.secretSignKey = signKeyPair.secretKey keys.secretSignKeyBase64 = base64.fromByteArray(signKeyPair.secretKey) return callback(null, keys) } catch (err) { return callback(err) } }) }